Search Results: "Roberto C. Sanchez"

17 November 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In October, about 197 work hours have been dispatched among 13 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours increased slightly to 183 hours per month. With the increasing number of security issues to deal with, and with the number of open issues not really going down, I decided to bump the funding target to what amounts to 1.5 full-time position.
The security tracker currently lists 50 packages with a known CVE and the dla-needed.txt file 36 (we re a bit behind in CVE triaging apparently).
Thanks to our sponsors
New sponsors are in bold.

20 October 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In August, about 170 work hours have been dispatched among 13 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours is the same as last month. But we have a new sponsor in the pipe.
The security tracker currently lists 52 packages with a known CVE and the dla-needed.txt file 49. The number of packages with open issues decreased slightly compared to last month but we re not yet back to the usual situation.
Thanks to our sponsors
New sponsors are in bold.

17 September 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In August, about 189 work hours have been dispatched among 12 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours is the same as last month.
The security tracker currently lists 59 packages with a known CVE and the dla-needed.txt file 60. The number of packages with open issues decreased slightly compared to last month but we re not yet back to the usual situation. The number of CVE to fix per package tends to increase due to the increased usage of fuzzers.
Thanks to our sponsors
New sponsors are in bold.

18 August 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In July, about 181 work hours have been dispatched among 11 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours increased slightly with two new sponsors: Leibniz Rechenzentrum (silver sponsor) and Catalyst IT Ltd (bronze sponsor).
The security tracker currently lists 74 packages with a known CVE and the dla-needed.txt file 64. The number of packages with open issues increased of almost 50% compared to last month. Hopefully this backlog will get cleared up when the unused hours will actually be done. In any case, this evolution is worth watching.
Thanks to our sponsors
New sponsors are in bold.

11 July 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In May, about 161 work hours have been dispatched among 11 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours increased slightly with one new bronze sponsor and another silver sponsor is in the process of joining.
The security tracker currently lists 49 packages with a known CVE and the dla-needed.txt file 54. The number of open issues is close to last month.
Thanks to our sponsors
New sponsors are in bold.

13 June 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In May, about 182 work hours have been dispatched among 11 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours did not change and we are thus still a little behind our objective.
The security tracker currently lists 44 packages with a known CVE and the dla-needed.txt file 42. The number of open issues is close to last month.
Thanks to our sponsors
New sponsors are in bold (none this month unfortunately).

16 May 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In April, about 190 work hours have been dispatched among 13 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours decreased slightly and we re now again a little behind our objective.
The security tracker currently lists 54 packages with a known CVE and the dla-needed.txt file 37. The number of open issues is comparable to last month.
Thanks to our sponsors
New sponsors are in bold.

13 April 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In March, about 190 work hours have been dispatched among 14 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours has been unchanged but will likely decrease slightly next month as one sponsor will not renew his support (because they have switched to CentOS).
The security tracker currently lists 52 packages with a known CVE and the dla-needed.txt file 40. The number of open issues continued its slight increase not worrisome yet but we need to keep an eye on this situation.
Thanks to our sponsors
New sponsors are in bold.

16 March 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In January, about 154 work hours have been dispatched among 13 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours increased slightly thanks to Bearstech and LiHAS joining us.
The security tracker currently lists 45 packages with a known CVE and the dla-needed.txt file 39. The number of open issues continued its slight increase, this time it could be explained by the fact that many contributors did not spend all the hours allocated (for various reasons). There s nothing worrisome at this point.
Thanks to our sponsors
New sponsors are in bold.

13 February 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In January, about 159 work hours have been dispatched among 13 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours increased slightly thanks to Exonet joining us.
The security tracker currently lists 37 packages with a known CVE and the dla-needed.txt file 36. The situation is roughly similar to last month even though the number of open issues increased slightly.
Thanks to our sponsors
New sponsors are in bold.

16 January 2017

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In December, about 175 work hours have been dispatched among 14 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours did not increase but a new silver sponsor is in the process of joining. We are only missing another silver sponsor (or two to four bronze sponsors) to reach our objective of funding the equivalent of a full time position.
The security tracker currently lists 31 packages with a known CVE and the dla-needed.txt file 27. The situation improved a little bit compared to last month.
Thanks to our sponsors
New sponsors are in bold.

16 December 2016

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In October, about 150 work hours have been dispatched among 14 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours did not change this month and in fact we haven t had any new sponsor since September. We still need a couple of supplementary sponsors to reach our objective of funding the equivalent of a full time position.
The security tracker currently lists 40 packages with a known CVE and the dla-needed.txt file 36. We don t seem to really catch up the small backlog. The reasons are not clear but I noticed that there are a few packages that take a lot of time due to the number of issues found with fuzzers. We also handle many issues that the security team ends up classifying as not worth an update because we add the package to dla-needed.txt before the security team has done its review and nobody checks afterwards.
Thanks to our sponsors
New sponsors are in bold.

14 November 2016

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In October, about 175 work hours have been dispatched among 14 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours did not change this month. We still need a couple of supplementary sponsors to reach our objective of funding the equivalent of a full time position.
The security tracker currently lists 34 packages with a known CVE and the dla-needed.txt file 29. The situation improved slightly compared to last month.
Thanks to our sponsors
New sponsors are in bold.

19 October 2016

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In September, about 152 work hours have been dispatched among 13 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours reached 172 hours per month thanks to maxcluster GmbH joining as silver sponsor and RHX Srl joining as bronze sponsor.
We only need a couple of supplementary sponsors now to reach our objective of funding the equivalent of a full time position.
The security tracker currently lists 39 packages with a known CVE and the dla-needed.txt file 34. It s a small bump compared to last month but almost all issues are affected to someone.
Thanks to our sponsors
New sponsors are in bold.

13 September 2016

Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In August, 140 work hours have been dispatched among 10 paid contributors. Their reports are available:

Evolution of the situation
The number of sponsored hours rised to 167 hours per month thanks to UR Communications BV joining as gold sponsor (funding 1 day of work per month)!
In practice, we never distributed this amount of work per month because some sponsors did not renew in time and some of them might not even be able to renew at all.
The security tracker currently lists 31 packages with a known CVE and the dla-needed.txt file 29. It s a small bump compared to last month but almost all issues are affected to someone.
Thanks to our sponsors
New sponsors are in bold.

17 January 2016

Toolchain fixes
Benjamin Drung uploaded mozilla-devscripts/0.43 which sorts the file list in preferences files. Original patch by Reiner Herrmann.
Lunar submitted an updated patch series to make timestamps in packages created by dpkg deterministic. To ensure that the mtimes in data.tar are reproducible, with the patches, dpkg-deb uses the --clamp-mtime option added in tar/1.28-1 when available. An updated package has been uploaded to the experimental repository. This removed the need for a modified debhelper as all required changes for reproducibility have been merged or are now covered by dpkg.

reproducible.debian.net
Once again, Vagrant Cascadian is providing another armhf build system, allowing to run 6 more armhf builder jobs, right there. (h01ger)
Stop requiring a modified debhelper and adapt to the latest dpkg experimental version by providing a predetermined identifier for the .buildinfo filename. (Mattia Rizzolo, h01ger)
New X.509 certificates were set up for jenkins.debian.net and reproducible.debian.net using Let's Encrypt!. Thanks to GlobalSign for providing certificates for the last year free of charge. (h01ger)

1 March 2008

In November 2007 Roberto C. Sanchez filed bug #451690 in irssi: Please include a doc-base registration file.
Including this file isn’t that hard, and while reading the Debian doc-base Manual I found out that “Every Debian package that provides online documentation (other than manual pages) will register these documents to doc-base.”
So, if a missing doc-base registration file is important enough for someone to file a bug on, why does my /usr/share/doc-base/ only contain 69 files compared to the 1444 files in /usr/share/doc/ ?